Sunday, April 3, 2016

Windows 10 BitLocker

I normally focus on troubleshooting with my blog posts, but this one is an exception. I wrote up a section for course manual on BitLocker in Windows 10 that includes a couple of short activities enabling BitLocker. However, I'm concerned that that activities could take an extended period of time. So, this blog post is providing screenshots of what those activities look like.

Before I start with the steps, I was pleasantly surprised that I was easily able to get BitLocker going in a VM without doing anything goofy. Once upon a time, to get BitLocker going, we needed to use a virtual floppy to store the startup key. There is now an option to use a password instead. I haven't looked at this in a while and this is probably not a new option. I'm going to guess that Windows 8.1 at least probably had the same.

There are three nice things about a startup password for BitLocker:

You don't need a TPM in your computer to make it work. Many computers don't have a TPM so that requirement is a deal breaker for many people.

You don't need a USB key to startup. Before, the alternative to a TPM was a USB key with the startup key. The idea that I needed to keep a USB key with my laptop seemed inherently fragile.

The behavior mimics what other drive encryption products do. Many other full drive encryption products require a password to startup the system. Users that are used to this process like to continue using it.

With no further ado, here are the screenshots...

Enabling BitLocker in Windows 10

Turn on Bitlocker

Select an unlock method

Enter the password to unlock the drive

Save the key to a location that is not the drive being encrypted.

In my VM, I printed using the built in PDF printer since the VM only had the C: drive.

I'm not planning to access this drive from anything but Windows 10 build 1511 or later. So, new encryption mode was good.

No comments:

Post a Comment

Search with Summaries

Search with Full Postings

About Me

A consultant, author, and instructor for about 20 years. My areas of expertise are Windows Server, Exchange Server, and Office 365. While my primary role is a consultant, I also provide technical training (custom and Microsoft authorized). I have been part of a team authoring Microsoft Official Curriculum on Windows Server, Active Directory, and Exchange Server since 2003. I have also authored books for Microsoft Press, Cengage Learning, and Wiley. I was also a Microsoft MVP for Exchange Server/Office 365 (2012-2015).@ByronWrightGeekwww.btwsolutions.ca